AN ICT SECURITY MANAGEMENT FRAMEWORK

被引:0
|
作者
Chatzipoulidis, Aristeidis [1 ]
Mavridis, Ioannis [1 ]
机构
[1] Univ Macedonia, Dept Appl Informat, Egnatia 156, Thessaloniki, Greece
来源
SECRYPT 2010: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY | 2010年
关键词
Risk Management; ICT security; Information system controls;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Recently, organizations started to realize that managing information security is more than a software solution; it is a strategic discipline. This realization has emerged a major challenge in the business and technology field, the integration of all governance, risk, and compliance (GRC) activities to operate in synergy and balance in configuration with the business and security objectives. The goal of this paper is to develop a comprehensive ICT security management framework as a unified platform against the evolving GRC complexity. Considering the endemic nature of risk, the risk approach requires periodical rethinking in order to keep pace with security changes and prevent undesirable incidents while preserving the stakeholders' interests continuously. Such an approach depends on the risk management maturity level, and the portfolio of monitoring controls.
引用
收藏
页码:459 / 462
页数:4
相关论文
共 50 条
  • [1] ICT security management
    Schreurs, Jeanne
    Moreau, Rachel
    [J]. 14TH EUROPEAN CONCURRENT ENGINEERING CONFERENCE 2007/4TH FUTURE BUSINESS TECHNOLOGY CONFERENCE, 2007, : 39 - 43
  • [2] ICT security management and risk management
    Schreurs, Jeanne
    Moreau, Rachel
    [J]. 15TH EUROPEAN CONCURRENT ENGINEERING CONFERENCE/5TH FUTURE BUSINESS TECHNOLOGY CONFERENCE, 2008, : 63 - 68
  • [3] A Framework for Standardization of ICT Supply Chain Security
    Lu, Tianbo
    Guo, Xiaobo
    Yao, Puxin
    Xu, Bing
    Zhang, Xiaoyan
    Yang, Hongyu
    [J]. LISS 2013, 2015, : 1121 - 1126
  • [4] Mathematical model-based security management framework for future ICT outsourcing project
    Moon, Jewook
    Lee, Chanwoo
    Park, Sangho
    Kim, Yanghoon
    Chang, Hangbae
    [J]. DISCRETE APPLIED MATHEMATICS, 2018, 241 : 67 - 77
  • [5] An ICT based Project Management Learning Framework
    Alba-Elias, Fernando
    Gonzalez-Marcos, Ana
    Ordieres-Mere, Joaquin
    [J]. 2013 IEEE EUROCON, 2013, : 300 - 306
  • [6] The BIECO Conceptual Framework Towards Security and Trust in ICT Ecosystems
    Peres, Ricardo Silva
    Adkinson, Lilian
    Cioroaica, Emilia
    Marchetti, Eda
    Schiavone, Enrico
    Matheu, Sara
    Cosma, Ovidiu
    Piliszek, Radoslaw
    Barata, Jose
    [J]. TESTING SOFTWARE AND SYSTEMS, ICTSS 2021, 2022, 13045 : 230 - 232
  • [7] A Security Audit Framework for Security Management in the Enterprise
    Onwubiko, Cyril
    [J]. GLOBAL SECURITY, SAFETY, AND SUSTAINABILITY, PROCEEDINGS, 2009, 45 : 9 - 17
  • [8] A FRAMEWORK FOR INFORMATION SECURITY MANAGEMENT
    Angheluta, Dragos-Ionut
    Lupu, Luminita-Mihaela
    [J]. FROM MANAGEMENT OF CRISIS TO MANAGEMENT IN A TIME OF CRISIS, 2016, : 2 - 16
  • [9] A framework for the management of information security
    Leiwo, J
    Zheng, YL
    [J]. INFORMATION SECURITY, 1998, 1396 : 232 - 245
  • [10] A Dynamic Cyber Security Situational Awareness Framework for Healthcare ICT Infrastructures
    Islam, Shareeful
    Papastergiou, Spyridon
    Mouratidis, Haralambos
    [J]. 25TH PAN-HELLENIC CONFERENCE ON INFORMATICS WITH INTERNATIONAL PARTICIPATION (PCI2021), 2021, : 334 - 339
12345